Telemetry
microgateway.airlock.com/v1alpha1
Telemetry contains the configuration for telemetry (logging, metrics & tracing).
apiVersion: microgateway.airlock.com/v1alpha1
kind: Telemetry
metadata:
name: telemetry-example
spec:
logging:
accessLog:
format:
json:
"@timestamp": "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
ecs:
version: "8.5"
log:
logger: "access"
level: "info"
event:
kind: "event"
category: ["web"]
type: "%EVENT_TYPE%"
module: "envoy"
dataset: "envoy.access"
outcome: "success"
start: "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
end: "%END_TIME(%Y-%m-%dT%T.%3f%z)%"
duration: "%DURATION_IN_NANOSECONDS%"
airlock:
access_control: "%ACCESS_CONTROL%"
actions:
block: "%BLOCK_ACTION%"
header_rewrites: "%HEADER_REWRITES%"
http:
request:
accept_language: "%REQ(ACCEPT-LANGUAGE):100%"
correlation_id: "%DYNAMIC_METADATA(com.airlock.microgateway.telemetry:correlation_id)%"
response:
redirect_url: "%RESP(LOCATION):1000%"
log_correlation: "%LOG_CORRELATION%"
summary:
action: "%SUMMARY_ACTION%"
details: "%RESPONSE_CODE_DETAILS%"
flags: "%RESPONSE_FLAGS%"
upstream:
destination:
ip: "%UPSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%UPSTREAM_REMOTE_PORT%"
http:
version: "%UPSTREAM_HTTP_VERSION%"
destination:
ip: "%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_LOCAL_PORT%"
http:
request:
body:
bytes: "%BYTES_RECEIVED%"
bytes: "%REQUEST_HEADERS_AND_BODY_BYTES%"
id: "%STREAM_ID%"
method: "%REQ(:METHOD):100%"
mime_type: "%REQ_MIME_TYPE:500%"
referrer: "%REQ(REFERER):1000%"
response:
body:
bytes: "%BYTES_SENT%"
bytes: "%RESPONSE_HEADERS_AND_BODY_BYTES%"
mime_type: "%RESP_MIME_TYPE:500%"
status_code: "%RESPONSE_CODE%"
version: "%HTTP_VERSION%"
network:
forwarded_ip: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
observer:
product: "Airlock Microgateway"
type: "waap"
vendor: "Ergon Informatik AG"
version: "%ENVIRONMENT(ENGINE_VERSION)%"
source:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
url:
domain: "%HTTP_HOST:500%"
path: "%REQ_WITHOUT_QUERY(:PATH):1000%"
query: "%REQ_QUERY(:PATH):1000%"
user_agent:
original: "%REQ(USER-AGENT):500%"
# Additional log keys under 'custom'.
custom:
downstream:
# Log TLS attributes of the downstream connection.
tls:
protocol: "%DOWNSTREAM_TLS_VERSION%"
cipher: "%DOWNSTREAM_TLS_CIPHER%"
session_id: "%DOWNSTREAM_TLS_SESSION_ID%"
# Log the direct remote ip address and port.
direct_remote_address:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
http:
request:
# Log the request header 'Cookie'.
cookie: "%REQ(cookie):500%"
correlation:
# Enable correlation id logging based on a custom header.
idSource:
header:
name: X-Request-IdapiVersion: microgateway.airlock.com/v1alpha1
kind: Telemetry
metadata:
name: default
spec:
logging:
accessLog:
format:
json:
"@timestamp": "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
ecs:
version: "8.5"
log:
logger: "access"
level: "info"
event:
kind: "event"
category: [ "web" ]
type: "%EVENT_TYPE%"
module: "envoy"
dataset: "envoy.access"
outcome: "success"
start: "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
end: "%END_TIME(%Y-%m-%dT%T.%3f%z)%"
duration: "%DURATION_IN_NANOSECONDS%"
airlock:
access_control: "%ACCESS_CONTROL%"
actions:
block: "%BLOCK_ACTION%"
header_rewrites: "%HEADER_REWRITES%"
log_only: "%LOG_ONLY_ACTIONS%"
http:
request:
accept_language: "%REQ(ACCEPT-LANGUAGE):100%"
correlation_id: "%DYNAMIC_METADATA(com.airlock.microgateway.telemetry:correlation_id)%"
response:
redirect_url: "%RESP(LOCATION):1000%"
log_correlation: "%LOG_CORRELATION%"
summary:
action: "%SUMMARY_ACTION%"
details: "%RESPONSE_CODE_DETAILS%"
flags: "%RESPONSE_FLAGS%"
upstream:
destination:
ip: "%UPSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%UPSTREAM_REMOTE_PORT%"
http:
version: "%UPSTREAM_HTTP_VERSION%"
destination:
ip: "%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_LOCAL_PORT%"
http:
request:
body:
bytes: "%BYTES_RECEIVED%"
bytes: "%REQUEST_HEADERS_AND_BODY_BYTES%"
id: "%STREAM_ID%"
method: "%REQ(:METHOD):100%"
mime_type: "%REQ_MIME_TYPE:500%"
referrer: "%REQ(REFERER):1000%"
response:
body:
bytes: "%BYTES_SENT%"
bytes: "%RESPONSE_HEADERS_AND_BODY_BYTES%"
mime_type: "%RESP_MIME_TYPE:500%"
status_code: "%RESPONSE_CODE%"
version: "%HTTP_VERSION%"
network:
forwarded_ip: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
observer:
product: "Airlock Microgateway"
type: "waap"
vendor: "Ergon Informatik AG"
version: "%ENVIRONMENT(ENGINE_VERSION)%"
source:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
url:
domain: "%HTTP_HOST:500%"
path: "%REQ_WITHOUT_QUERY(:PATH):1000%"
query: "%REQ_QUERY(:PATH):1000%"
user_agent:
original: "%REQ(USER-AGENT):500%"
correlation:
request:
alterRequestID: true
allowDownstreamRequestID: trueTelemetry
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata |
yes | ||
| spec | object | Specification of the desired telemetry behavior. | no |
Telemetry.spec
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
| correlation | object | Correlation defines the correlation aspects of Telemetry. | no | ||
| logging | object | Logging defines the logging aspects of Telemetry. | no |
Telemetry.spec.correlation
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
| idSource | object | IDSource specifies how an external correlation ID should be obtained for a request. If not specified, no correlation ID will be logged. | no | ||
| request | object | Request defines the request related correlation settings of Telemetry. | no |
Telemetry.spec.correlation.idSource
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
| header | object | Header specifies to extract the correlation ID from a request header. If the header is absent from a request, no correlation ID will be logged. | yes |
Telemetry.spec.correlation.idSource.header
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
name |
string | Name of the header (case-insensitive) from which to extract the correlation ID. | no | X-Correlation-Id |
Telemetry.spec.correlation.request
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
allowDownstreamRequestID |
bool | AllowDownstreamRequestID defines whether trace sampling will consider a provided x-request-id. | no | true |
true, false |
alterRequestID |
bool | AlterRequestID defines whether to alter the UUID to reflect the trace sampling decision. If disabled no modification to the UUID will be performed, this may break tracing in the upstream. | no | true |
true, false |
Telemetry.spec.logging
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
| accessLog | object | AccessLog defines the access log settings of Telemetry. | no |
Telemetry.spec.logging.accessLog
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
| format | object | Format defines the Access Log format of the sidecar. | no |
Telemetry.spec.logging.accessLog.format
| Field | Type | Description | Required | Default | Allowed Values |
|---|---|---|---|---|---|
json |
unstructured | JSON defines the Access Log format as JSON. | no |